rj-chap
IR Consultant. DFIR & Malware analyst. @cactuscon lead. @sansforensics Instructor & Author. @pluralsight Author. Comedy & BJJ dropout. Husband & father.
IRT Consulting LLC, Phoenix, AZ
rj-chap's Stars
rj-chap/defcon_31_ad_good_bad_lolWut
NextronSystems/evtx-baseline
A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
Yamato-Security/EnableWindowsLogSettings
Documentation and scripts to properly enable Windows event logs.
stuhli/awesome-event-ids
Collection of Event ID resources useful for Digital Forensics and Incident Response
nasbench/EVTX-ETW-Resources
Event Tracing For Windows (ETW) Resources
WiredPulse/PoSh-R2
PowerShell - Rapid Response... For the incident responder in you!
hasherezade/pe-bear
Portable Executable reversing tool with a friendly GUI
orhun/godsays
Rust port of Terry Davis' (RIP) "god says" program
CheckPointSW/Evasions
Evasions encyclopedia gathers methods used by malware to evade detection when run in virtualized environment. Methods are grouped into categories for ease of searching and understanding. Also provided are code samples, signature recommendations and countermeasures within each category for the described techniques.
dnSpyEx/dnSpy
Unofficial revival of the well known .NET debugger and assembly editor, dnSpy
tclahr/uac
UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of artifacts from AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems.
MakeItHackin/DEFCON30SAO
SofianeHamlaoui/Conti-Clear
Extracted data & information from the Conti & TrickBot leaks.
tarcisio-marinho/GonnaCry
A Linux Ransomware
paranoidninja/Brute-Ratel-External-C2-Specification
This repository provides the core to build your own External C2 Server and Connector for Brute Ratel C4
paranoidninja/Brute-Ratel-C4-Community-Kit
This repository contains scripts, configurations and deprecated payload loaders for Brute Ratel C4 (https://bruteratel.com/)
irBags/Project-P3OL-compatible-software
AOL® 3.0 32-bit client software for use with the P3OL server project.
jmunkki/Avara
Avara game, originally published in 1996 for MacOS.
avaraline/otto
otto snacks on ALF
avaraline/Avara
Port of the original 1996 game from Ambrosia Software.
philhagen/geoip-bootstraps
blueteam0ps/AllthingsTimesketch
This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.
Synzack/Excel-4.0-Shellcode-Generator
Te-k/cobaltstrike
Code and yara rules to detect and analyze Cobalt Strike
strozfriedberg/cobaltstrike-config-extractor
Cobalt Strike Beacon configuration extractor and parser.
dafthack/RDPSpray
Tool for password spraying RDP
advanced-threat-research/DarkSide-Config-Extract
BC-SECURITY/Empire
Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
NYAN-x-CAT/Lime-RAT
LimeRAT | Simple, yet powerful remote administration tool for Windows (RAT)
S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.